Tag Archive for: data

NHS Scotland Clinical Data Published Ransomware

/in


Health authorities in Scotland have hit out at a ransomware gang after it started publishing data including clinical and personal identifiable information of both patients and staff.

The confirmation came after NHS Dumfries and Galloway had warned on 15 March that it had been the target of a focused and ongoing cyber attack on its IT systems.

It has been widely reported that the hacking gang, dubbed INC Ransom, had obtained 3TB (terabytes) worth of data, and are threatening to publish the entire tranche of data unless a ransom is paid.

Data published

Now the NHS has condemned the decision of the hackers to publish some of the data.

“NHS Dumfries and Galloway is aware that clinical data relating to a small number of patients has been published by a recognised ransomware group,” the board said in a statement. “This follows a recent focused cyber attack on the Board’s IT systems, when hackers were able to access a significant amount of data including patient and staff-identifiable information.”

NHS Dumfries and Galloway chief executive Jeff Ace condemned the publication of the data.

“We absolutely deplore the release of confidential patient data as part of this criminal act,” said Ace. “This information has been released by hackers to evidence that this is in their possession.”

“We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government, and other agencies in response to this developing situation,” Ace said. “Patient-facing services continue to function effectively as normal.”

“As part of this response, we will be making contact with any patients whose data has been leaked at this point, and continue working to limit any sharing of this information,” Ace added.

“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.”

The INC ransomware operation is now threatening to leak more data via their dark web leak site.

Frustrated hackers

The refusal of NHS Scotland to pay the hackers ransomware demand was noted by William Wright, CEO of Scotland-based

Source…

China linked to UK cyber-attacks on voter data, Dowden to say

/in


  • By James Gregory & Iain Watson, political correspondent
  • BBC News

Image caption,

Deputy Prime Minister Oliver Dowden is expected to address MPs on the threat

The UK government is expected to link cyber-attacks which accessed personal details of millions of voters to China.

The attacks on the Electoral Commission took place in August 2021 but were only revealed last year.

Several MPs and peers who have been critical of Beijing are thought to have also been targeted in cyber-attacks.

The prime minister called China “the greatest state-based challenge to our national security”.

Rishi Sunak said: “China represents an economic threat to our security and an epoch-defining challenge.

“So it is right we take steps to protect ourselves.”

The BBC understands other Western nations will set out similar concerns.

Acknowledging the attacks last August, the Electoral Commission said unspecified “hostile actors” had gained access to copies of the electoral registers and broken into its emails and “control systems”, but added that it had neither had any impact on any elections nor anyone’s registration status.

The commission said last August that they weren’t able to predict exactly how many people could be affected, but that the register for each year contained the details of around 40 million people.

Deputy Prime Minister Oliver Dowden will address Parliament on Monday about the threat.

It is now thought that Mr Dowden will suggest those behind the attack had links to Beijing, as well as laying out how the UK will respond to what it deems a wider threat.

Publicly identifying the attackers lays the groundwork for potential legal and political actions, such as sanctions or diplomatic protests.

Linking the attackers to China, a fellow member of the UN Security Council, would be an escalation in the diplomatic tension between the two countries.

The prime minister then was David Cameron, who is now the foreign secretary after taking a seat in the House of Lords last year.

China’s foreign ministry spokesperson Lin Jian said the government cracked down and punished all types of malicious cyber activities.

He called on all parties to “stop spreading false information and…

Source…

Colorado public defender cyberattack may have exposed personal data

/in


A screenshot shows redacted text messages provided to The Denver Post by the Governor’s Office of Information Technology in response to an open records request about the ransomware attack on the Office of the Colorado State Public Defender. (Image via Governor’s Office of Information Technology)

The Office of the Colorado State Public Defender has acknowledged personal data may have been stolen during a ransomware attack that crippled the statewide agency in early February — but won’t say much else about the ongoing effort to restore its systems after the hack.

Files “were copied without permission” during the cyberattack, which was discovered on Feb. 9, and those files may have included names, Social Security numbers, driver’s license numbers, medical information and health insurance information, the agency said in a statement Friday.

Officials from the public defender’s office are still investigating whose personal data may have been stolen, and whether the personal data of attorneys or their clients was compromised, they said. A statement on the agency’s website urges “individuals” to remain vigilant against identity theft and fraud.

It’s been more than a month since public defenders across the state were locked out of their computers and files in the ransomware attack and hundreds of court hearings were delayed over the next week because public defenders couldn’t do their jobs.

Officials this week refused to answer questions from The Denver Post about what particular parts of the agency’s systems remain inoperable. In a ransomware attack, hackers use malware to hold an organization’s data hostage then demand a payment in cryptocurrency in order for organizations to regain access to that data.

The public defender’s office also would not disclose the amount of ransom demanded or whether a ransom was paid. A statement on the agency’s website says the office has “made progress in returning to full operations.”

Heavily redacted emails and text messages released to The Post by the Governor’s Office of Information Technology this week in response to an open records request mention the cyberattack recovery law…

Source…

2024 Thales Data Threat Report Reveals Rise In Ransomware Attacks, As Compliance Failings Leave Businesses Vulnerable To…

/in


(MENAFN– AETOSWire) (BUSINESS WIRE ) — Thales today announced the release of the 2024 Thales Data Threat Report , its annual report on the latest data security threats, trends, and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries across 37 industries. This year’s report found that 93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year.

Threats continue to increase in volume and severity

The number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Despite this escalating threat, less than half of organisations have a formal ransomware plan in place, with 8% resorting to paying the ransom demands.

Malware stands out as the fastest-growing threat of 2024, with 41% of enterprises witnessing a malware attack in the past year – closely followed by phishing and ransomware. Cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks.

The report shows that for a second year running, human error remains the leading cause of data breaches, with 31% of enterprises pinpointing this as the root cause.

These insights are drawn from the 2024 Thales Data Threat Report, conducted by 451 Research. The report sheds light on how businesses are adapting their data security strategies and practices in response to an evolving threat landscape.

Compliance is the key to data security

The research found that over two fifths (43%) of enterprises failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.

Of those that had failed a compliance audit in the past twelve months, 31% had experienced a breach that very same year. This compares to just 3% of those who had passed compliance audits.

Operational complexity continues to cause data headaches

Fundamental understanding of what systems, applications, and data are at risk continue to lag due to changing regulatory and threat landscapes. Only a third (33%) of organisations are…

Source…